Open in app

Sign In

Write

Sign In

Omer Hamerman
Omer Hamerman

481 Followers

Home

About

Aug 29, 2022

10 Things I wish I’d known before building a Kubernetes CRD controller

Give me six hours to chop down a tree and I will spend the first four sharpening the axe. - A. Lincoln Well I didn’t even know there was an axe… K8s resources, in that context, are one heck of a tree to chop. You better come ready to work…

Dev Ops

8 min read

10 Things I wish I’d known before building a Kubernetes CRD controller
10 Things I wish I’d known before building a Kubernetes CRD controller
Dev Ops

8 min read


Published in AWS Tip

·Jun 13, 2022

Introduction to AWS Lambda and Serverless

“ Serverless computing is a cloud computing execution model in which the cloud provider allocates machine resources on demand, taking care of the servers on behalf of their customers.” A recent uninformed discussion on Linkedin about container orchestration (wrongfully) compared to serverless, sparked a few thoughts in my mind: How…

Dev Ops

10 min read

Introduction to AWS Lambda and Serverless
Introduction to AWS Lambda and Serverless
Dev Ops

10 min read


Published in Nerd For Tech

·Sep 1, 2021

Introduction to Zero Trust on AWS ECS Fargate

After a long while of researching for information on a solution I knew I wanted, it was quite hard to figure out what to choose, and how to use it. …

Dev Ops

9 min read

Introduction to Zero Trust on AWS ECS Fargate
Introduction to Zero Trust on AWS ECS Fargate
Dev Ops

9 min read


Published in Geek Culture

·Jul 2, 2021

How to NOT secure web payment systems

Since the tale laid here is real, I’ll refrain from using specific names or locations. It might put me in some awkward situations. If you’ve been through something similar, it may sound familiar. That said, the identifying details have little to do with the story itself. It is not a new…

Security

5 min read

How to NOT secure web payment systems
How to NOT secure web payment systems
Security

5 min read


Published in Nerd For Tech

·Feb 18, 2021

Hacking your application may be easier than you think

TL;DR: I noticed a suspicious behavior on the weekly email from my coffee shop’s subscription; it was offering I edit my preferences directly through a dedicated link. I was able to bypass the cookie and authentication token (no tricks) and was able to reach an account details panel changing password /…

Dev Ops

7 min read

Hacking your application may be easier than you think
Hacking your application may be easier than you think
Dev Ops

7 min read


Published in FAUN Publication

·Sep 21, 2020

How hackers steal your keys and secrets

After hunting for security bugs I’ve realized clients I’m working with are not familiar enough (or at all) with basic “hacking” techniques. API keys, passwords, SSH encrypted keys, and certificates are all great mechanisms of protection, as long they are kept secret. Once they’re out in the wild, it doesn’t…

Dev Ops

10 min read

How hackers steal your keys and secrets
How hackers steal your keys and secrets
Dev Ops

10 min read


Published in ProdOpsIO

·May 28, 2020

Protect your application from CSRF attacks

Cross-Site Request Forgery attack and mitigations explained — Originally published at https://omerxx.com/csrf-attacks “CSRF is an attack that forces an end user to execute unwanted actions on a web application in which they are currently authenticated. …

Security

9 min read

Protect your application from CSRF attacks
Protect your application from CSRF attacks
Security

9 min read


Published in The Startup

·May 6, 2020

SQL injection for developers

The basics of how to test and protect your application — Originally published at https://omerxx.com/sql-injection-intro SQL Injection (SQLi) accounted for more than 72% of all attacks when looking at all verticals during (2018–2019) period. - State of the internet 2019, Akamai The quote above says it all. If there’s one attack vector to get familiar with as a web developer it’s…

Dev Ops

12 min read

SQL injection for developers
SQL injection for developers
Dev Ops

12 min read


Published in ProdOpsIO

·Jul 4, 2019

Vim: from foe to friend in 9 minutes

Lessons from 3-years of intensive learning — TL;DR Using Vim is by-far the most productiveness-enhancing, enjoyable and rewarding tool you’ll ever adopt. This post was an idea I had for a long time; there are literally endless pieces of information about Vim out there, and every time I started writing I thought I was just adding to the…

Vim

9 min read

Vim: from foe to friend in 9 minutes
Vim: from foe to friend in 9 minutes
Vim

9 min read


Published in ProdOpsIO

·Jun 3, 2019

Running Kubernetes and AWS in CHINA

The Chinese firewall, Pitfalls to avoid and keys to success — China tech market is one of leading in the world in terms of size and value. Its cloud adoption, however, is far slower than in the west, making it the most significant unfulfilled potential of cloud computing markets in the world. This continuously narrowing gap produces countless opportunities which western…

Docker

8 min read

Running Kubernetes and AWS in CHINA
Running Kubernetes and AWS in CHINA
Docker

8 min read

Omer Hamerman

Omer Hamerman

481 Followers

Principal DevOps @ Zesty.co

Following
  • Hacken.AI

    Hacken.AI

  • Darius Foroux

    Darius Foroux

  • Tom Kuegler

    Tom Kuegler

  • adrian cockcroft

    adrian cockcroft

  • Netflix Technology Blog

    Netflix Technology Blog

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech